About

Learn more about me

လီးပဲပုံမရှိဖူး

Offensive Security & Cloud Security Engineer

Here are some of my contact details for your convenience. For additional information, you can visit

  • Birthday: 6 Jun 1990
  • Website: https://cyber-insights-forum.vercel.app
  • Phone: ( +95 ) 9675196229
  • City: Yangon
  • Age: 34
  • Degree: Bachelor of Computer Science
  • Email: rev3l4infosec@gmail.com
  • Freelance: Available

I am a professional Sr.Offensive Security Engineer from Myanmar. I have experience in various roles, including Mentor, Instructor , Cloud Security Engineer, Content Creator , and Security Researcher. My diverse background and dedication to security make me a valuable resource for your convention.

Happy Clients

Projects

Hours Of Support

Awards

Programming Language

HTML / CSS 100%
Bootstrap / SCSS 87%
React75%
C / C++ 100%
BASH SCRIPT 90%
JavaScript 75%
PHP / Laravel 80%
PYTHON 90%
PowerShell70%
R60%
RUST 70%
SWIFT55%

Certificates

AWS Cloud Red Team Specialist - CARTSRed Team
Red Team Specialist V2 - CRTS Red Team
Multi-Cloud Red Team Analyst - MCRTA Red Team
Full Stack Web Application DeveloperDevelopment
Certified in Cyber Security - CC Certified
AWS Cloud Practitioner Certified
Certified Cloud Security Professional - CCSPPurple
Certified Cloud Security Engineer - CCSE Purple
Certified Red Team Operator - CRTORed Team
Certified Red Team Expert - CRTE Red Team
AWS Red Team Expert - ARTERed Team
Diploma in Cyber Security Certified

TYPE OF CYBER SECURITY

Penetration Testing

Red Teaming

Ethical Hacking

Network Security

Endpoint Security

Incident Response

Data Protection

Cloud Security

Application Security

Identity and Access Management (IAM)

Data Security

Security Awareness and Training

Offensive Security & Defensive Security

Conducting authorized simulated attacks on systems, networks, or applications to identify vulnerabilities and weaknesses.

Penetration Testing

Simulating real-world cyber attacks to test the organization's defenses, often involving advanced threat simulations and scenario-based assessments.

Red Teaming

Using hacking techniques and tools to uncover security vulnerabilities and provide recommendations for improving security posture.

Ethical Hacking

Implementing measures to protect the network infrastructure, such as firewalls, intrusion detection systems (IDS), and secure VPNs.

Network Security

Securing individual devices (endpoints) against cyber threats using antivirus software, endpoint detection and response (EDR), and mobile device management (MDM).

Endpoint Security

Developing and implementing plans to respond to and mitigate the impact of cybersecurity incidents, including incident detection, containment, and recovery.

Incident Response

Ensuring the security and confidentiality of data through encryption, data loss prevention (DLP), and access control mechanisms.

Data Protection

Implementing security measures specific to cloud environments, including secure cloud architecture design, data encryption, and identity and access management (IAM) for cloud resources.

Cloud Security

Resume

Check My Resume

Summary

Sr.Offensive Security Engineer

Experienced and results-driven Senior Offensive Security Engineer with over 5 years of hands-on experience in designing, implementing, and managing advanced security solutions for cloud environments and infrastructure. Demonstrates a proven track record of leading cross-functional teams, developing robust security architectures, and ensuring compliance with industry standards. Adept at conducting comprehensive risk assessments, implementing effective security controls, and optimizing environments for maximum security and operational efficiency..

  • Cloud Security Architecture
  • Identity and Access Management (IAM)
  • Threat Detection and Incident Response
  • Compliance and Risk Management
  • Secure DevOps and CI/CD
  • Vulnerability Management
  • Data Encryption and Privacy
  • Network Security and Firewalls
  • Advanced Persistent Threats (APT) Analysis
  • Security Information and Event Management (SIEM)
  • Endpoint Security
  • Security Policy and Procedure Development
  • Red Team/Blue Team Exercises
  • Penetration Testing
  • Forensics and Incident Investigation
  • Security Architecture Review
  • Threat Intelligence
  • Application Security
  • Disaster Recovery Planning
  • Security Awareness Training
  • Cloud Compliance
  • API Security
  • Security Automation
  • Third-Party Risk Management


Education

Bachelor of Science in Computer Science

2010 - 2016

University of Technology (Yatanarpon Cyber City) , Mandalay, Myannmar

Computer science is the study of computers and computer systems, encompassing their physical components and practical applications. It's an interdisciplinary field that integrates principles from mechanics, engineering, and logic to explore a diverse array of topics, such as -> Algorithms and data structures , Software and hardware design and development , Artificial intelligence , Information , Automation , Security , Data analysis , Computational , Theory .

Full Stack - Web Applications Developer

2022 - 2023

MMS One Stop IT Solution, Yangon, Myanmar

A web developer is a professional who specializes in designing, building, and maintaining websites and web applications. Their primary focus is on the technical aspects of creating functional and user-friendly websites that meet client or organizational needs. Key responsibilities of a web developer typically include , Front-End , Back-End , Database , esting and Debugging , Version Control and Deployment ,Security .

C++ Programmer

2020 - 2021

COMPU TECH ICT Institute , MICT Park, Hlaing Township, Yangon.

Studied C++ from 2020-2021 at Computer Technique schools, gaining a strong foundation in object-oriented programming, algorithm design, debugging, and memory management. Proficient in developing efficient and high-performance software solutions

Diploma in Cyber Security

2019 - 2020

Alison , Learning Platforms

The risks that cyber threats pose are more common now that we have become almost fully reliant on online technologies. This diploma course explains how such threats exploit cyber security flaws to cause financial loss, sensitive data breaches and threats to national security. We discuss the many safeguards and technologies used to protect computer servers, mobile devices, cloud services and data. Sign up to master information security.

Professional Experience

Founder - Director

2019 - Current

Cyber Insights Forum - CIF , Yangon ,Myanmar

As the Founder and Director of Cyber Insights Forum (CIF), you will lead the strategic vision and growth of our cybersecurity company. Your role encompasses setting organizational goals, driving innovation in cybersecurity solutions, and ensuring the successful delivery of our services. You will oversee all operational aspects, including team management, client relations, and business development, while fostering a culture of excellence and collaboration within the company.

  • Defining and executing the strategic vision and goals for CIF.
  • Leading and managing cross-functional teams to drive company growth and success.
  • Overseeing the development and delivery of cybersecurity services and solutions.
  • Building and maintaining strong relationships with clients and stakeholders.
  • Ensuring high standards of service delivery and client satisfaction.
  • Staying abreast of industry trends and technological advancements to drive innovation.
  • Managing business operations, including budgeting, resource allocation, and performance evaluation.

Sr.Offensive Security & Cloud Security Engineer

2024 - Current

AyarCloud , Dagon Township ,Myanmar

As a Senior Offensive Security & Cloud Security Engineer, you will play a pivotal role in safeguarding our cloud infrastructure by proactively identifying vulnerabilities and mitigating risks. You will lead red team exercises, conduct penetration testing, and collaborate closely with cross-functional teams, including Network, System, and SOC teams, to enhance security posture. Your expertise in offensive security strategies, cloud security best practices, and advanced threat analysis will be essential in developing robust security measures, conducting vulnerability assessments, and driving the overall security strategy of our cloud environments.

  • Leading offensive security operations, including red teaming and penetration testing.
  • Securing cloud environments (SaaS, PaaS, IaaS) through rigorous testing and proactive risk management.
  • Collaborating with Network, System, and SOC teams to integrate security controls.
  • Developing and maintaining security documentation, including threat models and mitigation strategies.
  • Staying updated with the latest security trends, threats, and technologies to enhance security capabilities.
  • Led the design and implementation of cloud security strategies for [describe specific projects or environments].
  • Managed IAM policies and roles, ensuring least privilege access across cloud platforms.
  • Conducted regular vulnerability assessments and penetration testing, resulting in specific outcomes or improvements.
  • Collaborated with DevOps teams to integrate security into CI/CD pipelines, enhancing application security posture.
  • Implemented security controls for cloud environments, including AWS, Azure, or Google Cloud, to mitigate risks and achieve compliance.
  • Developed incident response plans and led responses to security incidents, reducing mean time to respond.

Red Team Specialist

2019 - Present

Remote, NCC , New York

  • Conducting Advanced Threat Simulations
  • Vulnerability Assessment and Exploitation
  • Collaboration and Knowledge Sharing
  • Continuous Skill Development and Adaptation

Cloud infrastructure Systems Engineer

2024 - Current

One Cloud Technology , Alone Township ,Myanmar

As a Cloud Infrastructure System Engineer, you will be instrumental in designing, implementing, and managing our cloud infrastructure to ensure robust, scalable, and secure cloud solutions. You will work closely with cross-functional teams to optimize cloud environments and enhance overall system performance. Your role involves configuring and maintaining cloud services, managing infrastructure automation, and ensuring the reliability and security of our cloud resources.

  • Designing and deploying scalable and secure cloud infrastructure solutions (SaaS, PaaS, IaaS).
  • Managing cloud resources and services to ensure optimal performance and availability.
  • Implementing and maintaining infrastructure automation tools and practices.
  • Collaborating with development and operations teams to integrate cloud solutions effectively.
  • Monitoring and troubleshooting cloud infrastructure issues to ensure reliability and efficiency.
  • Staying current with emerging cloud technologies and best practices to drive continuous improvement.

Course Instructor

2022 - Current

MMS IT , Hlaing Township ,Myanmar

As a Course Instructor, you will be responsible for delivering high-quality educational content and training in cybersecurity and cloud technologies. You will design and develop comprehensive course materials, conduct engaging and informative classes, and assess student progress to ensure effective learning outcomes. Your role involves staying updated with the latest industry trends and technologies to provide relevant and cutting-edge education to students.

  • Designing and developing course content, including lectures, labs, and assessments.
  • Delivering engaging and informative classes that effectively communicate complex concepts.
  • Evaluating student performance and providing constructive feedback to facilitate learning.
  • Keeping course materials current with industry standards and emerging technologies.
  • Assisting students with queries and providing additional support as needed.
  • Continuously improving course content and teaching methods based on student feedback and industry developments.

Founding Member

2023 - Current

Dev o'Clock , Yangon , Myanmar

As a Founding Member of Dev o'Clock, you will play a critical role in shaping the direction and growth of our organization. Your responsibilities include contributing to the strategic vision, developing innovative solutions, and driving the core initiatives of the company. You will collaborate with other founding members to establish company values, build a strong team, and ensure the successful launch and evolution of our projects.

  • Contributing to the strategic vision and goals of Dev o'Clock.
  • Leading and participating in the development of innovative solutions and projects.
  • Building and nurturing a high-performing team and fostering a collaborative environment.
  • Overseeing key initiatives and ensuring alignment with organizational objectives.
  • Engaging with stakeholders and partners to build strong relationships and drive business growth.
  • Ensuring the successful implementation and scaling of projects and initiatives.
  • Staying informed about industry trends and technological advancements to guide company strategy.

Sr.Cyber Security Instructor

2020 - Current

Gh0st InfoSec Security , New York , United States

As a Senior Cyber Security Instructor at Gh0st InfoSec Security, based in New York, you will be responsible for leading advanced cybersecurity training and education programs. You will develop and deliver comprehensive training materials, mentor students, and ensure that participants gain in-depth knowledge and practical skills in cybersecurity. Your role involves staying at the forefront of cybersecurity trends and threats to provide cutting-edge education and prepare students for real-world challenges.

  • Designing and delivering advanced cybersecurity training programs and courses.
  • Developing high-quality educational materials and practical exercises.
  • Mentoring and guiding students to achieve their learning goals and career aspirations.
  • Evaluating student performance and providing constructive feedback to enhance learning outcomes.
  • Staying updated with the latest cybersecurity trends, tools, and technologies to ensure course relevancy.
  • Collaborating with industry professionals to continuously improve training content and methods.
  • Representing Gh0st InfoSec Security at industry events and contributing to the company's thought leadership.

Ours Services

Offensive & Defensive Security Services

Red Team Operations

Conduct comprehensive and realistic attacks against an organization’s security defenses. Simulate sophisticated threat actor tactics, techniques, and procedures (TTPs) to test the effectiveness of security measures and incident response.

Penetration Testing

Perform controlled attacks on systems, networks, and applications to identify vulnerabilities and weaknesses. Provide detailed reports with exploitation findings, risk assessments, and recommendations for remediation.

Social Engineering Attacks

Execute simulated social engineering attacks such as phishing, pretesting, and baiting to assess the susceptibility of employees and organizational practices. Evaluate the effectiveness of employee awareness and response mechanisms.

Exploit Development

Develop and test custom exploits to uncover vulnerabilities that are not identified by standard tools. Assess the impact and risk of these vulnerabilities to provide actionable insights.

Advanced Persistent Threat (APT) Simulation

Simulate advanced and persistent threats to evaluate the organization’s ability to detect and respond to sophisticated attacks. Use multi-stage attack scenarios to mimic real-world adversaries.

Physical Security Testing

Assess physical security controls through methods such as tailgating, access card testing, and facility infiltration. Evaluate the effectiveness of physical security measures and procedures.

Red Team/Blue Team Exercises

Coordinate and execute exercises where Red Team performs simulated attacks, and Blue Team defends against them. Enhance both offensive and defensive capabilities through collaborative exercises and feedback.

Infrastructure Testing

Test the security of network infrastructure components, including routers, switches, and firewalls. Identify configuration issues and potential security gaps that could be exploited by attackers.

Application Security Testing

Perform security assessments on web and mobile applications to identify vulnerabilities such as SQL injection, cross-site scripting (XSS), and insecure configurations. Ensure applications are secure against potential attacks.

Wireless Network Security Testing

Assess the security of wireless networks, including Wi-Fi, to identify vulnerabilities and unauthorized access points. Test encryption and authentication mechanisms.

Breach and Attack Simulation

Utilize automated tools to simulate attacks and measure the effectiveness of existing security controls. - Provide insights into potential weaknesses and areas for improvement.

Threat Intelligence Integration

Utilize threat intelligence to inform and guide Red Team activities, ensuring that simulations reflect the latest threat landscape and adversary tactics.

Security Operations Center (SOC) Management

Monitor and manage security events in real-time using SIEM tools and technologies. Analyze alerts, perform incident triage, and coordinate responses to security incidents.

Incident Response and Management

Provide expert support during and after security incidents, including containment, eradication, and recovery. Conduct root cause analysis and develop remediation strategies.

Vulnerability Management

Identify, assess, and prioritize vulnerabilities within systems and applications. Implement patch management and vulnerability remediation processes.

Threat Detection and Monitoring

Implement and manage threat detection tools and techniques to identify and respond to security threats. Continuously monitor for suspicious activities and potential threats.

Security Policy and Procedure Development

Develop and enforce security policies and procedures to guide organizational practices and ensure compliance. Update policies to address emerging threats and regulatory changes.

Network Security Configuration

Design and manage network security solutions, including firewalls, intrusion detection/prevention systems, and secure network architectures. Implement network segmentation and access controls.

Endpoint Protection

Deploy and manage endpoint security solutions such as anti-virus, anti-malware, and endpoint detection and response (EDR) systems. Monitor and protect endpoints from potential threats and attacks.

Data Encryption and Privacy

Implement encryption solutions to protect sensitive data in transit and at rest. Ensure compliance with data privacy regulations and best practices.

Security Awareness Training

Conduct training sessions to educate employees about security best practices, phishing prevention, and threat awareness. Foster a security-conscious culture within the organization.

Compliance and Risk Management

Ensure that security practices comply with regulatory requirements and industry standards. - Conduct risk assessments and implement risk management strategies to address potential security risks.

Disaster Recovery and Business Continuity Planning

Develop and maintain disaster recovery and business continuity plans to ensure rapid recovery from security incidents or disruptions. - Test and update plans regularly to ensure effectiveness.

Secure DevOps (DevSecOps)

Integrate security practices into the DevOps pipeline to enhance the security of software development and deployment. - Implement automated security testing and monitoring throughout the software development lifecycle.

Cloud Security Management:

Implement and manage security controls for cloud environments (AWS, Azure, Google Cloud). - Ensure compliance with cloud security standards and best practices.

API Security

Assess and secure APIs against vulnerabilities and threats. - Ensure secure API design and implementation practices.

Identity and Access Management (IAM)

Manage and secure user identities and access permissions. - Implement IAM policies and controls to protect sensitive resources.

Data Loss Prevention (DLP)

Deploy and manage DLP solutions to prevent unauthorized data access and exfiltration. - Monitor and control data movement within and outside the organization.

Security Architecture Review

Evaluate and review the design of security architectures to ensure robustness against threats. - Provide recommendations for improving security posture.

Threat Intelligence and Analysis

Gather and analyze threat intelligence to stay informed about emerging threats and vulnerabilities. - Provide actionable insights and recommendations based on threat analysis.

Forensics and Incident Investigation

Conduct forensic analysis and investigations to determine the cause and impact of security incidents. - Gather and preserve evidence for legal and compliance purposes.

Security Automation

Implement and manage security automation tools to streamline security operations and improve efficiency. - Develop and deploy automated responses to common security threats.

Third-Party Risk Management

Assess and manage risks associated with third-party vendors and service providers. - Ensure third parties meet security requirements and standards.

Certificates of Completion

MY FREE CERF

  • All
  • RED TEAM
  • BLUE TEAM
  • FREE

Digital Forensics Essentials (DFE)

FREE

Android Bug Bounty Hunting: Hunt Like a Rat

FREE

Certified Cloud Security Professional (CCSP)

FREE

Network Defense Essentials (NDE)

FREE

SQL Injection Attacks

FREE

Ethical Hacking Essentials (EHE)

FREE

Certified Cloud Security Professional (CCSP)

FREE

Certified Information Security Manager (CISM)

FREE

PowerShell for Security Professionals

FREE

Contact

Contact Me

My Address

Arthar Waddy Street,Alone Township,Yangon

Social Profiles

Email Me

rev3l4infosec@gmail.com

Call Me

+959675196229

Loading
Your message has been sent. Thank you!
Designed by MR.GH0ST